<?php

# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#
#	FILE:			includes/custom/groupusers.php
#	FUNCTION:		Custom handler for the Group Users page
#	AUTHOR:			Cameron Morrow
#	CREATED:		03/08/2005
#
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

# Get group names and IDs
$group_names = getAllGroupNames(false, true);
$group_ids = getAllGroupIDs(false, true);

# Check group ID passed
$group_id = (@$_GET["group"]) ? (integer) $_GET["group"] : 1;

$group_name = $group_names[findInArray($group_ids, $group_id)];

# See if user ID was passed to move to this group
if (@$_POST["userid"]) {
	
	# Get ID
	$group_id_new = array();
	
	$user_id = $_POST["userid"];
	
	$sql = "SELECT DISTINCT g.g_id as g_id,g.g_name as g_name ";
	
	$sql .= "FROM ".$PROJECT_DB_TABLES["users"]." u ";
	
	$sql .= "INNER JOIN ".$PROJECT_DB_TABLES["usergroup"]." ug ON u.u_id = ug.ug_u_id ";
	
	$sql .= "INNER JOIN ".$PROJECT_DB_TABLES["groups"]." g ON g.g_id = ug.ug_g_id ";
	
	$sql .= "WHERE u_id = \"". $user_id ."\"";
	
	$groupData = getRecord($sql);
	
	$arrGroup = array();
	
	foreach($groupData as $groupValue){
		
		$arrGroup[$groupValue["g_id"]] = $groupValue["g_id"];
	}
	
	$usergroup_admin_flag = false;
	
	$usergroup_developer_flag = false;
	
	if(array_key_exists(2,$arrGroup)){
		
		$usergroup_admin_flag = true;
	}
	else if(array_key_exists(3,$arrGroup)){
		
		$usergroup_developer_flag = true;
	}
	
	if($usergroup_admin_flag==true && $usergroup_developer_flag==false){
		
		$group_id_new[$group_id] = $group_id;
	}
	else if($usergroup_developer_flag==true){
		
		$group_id_new[$group_id] = $group_id;
	}
	else if($usergroup_admin_flag==false && $usergroup_developer_flag==false){
		
		if($group_id=="2" || $group_id=="3"){
			
			$group_id_new[$group_id] = $group_id;
		}
		else{
			
			$group_id_new[$group_id] = $group_id;
			
			$group_id_new = array_merge($group_id_new,$arrGroup);
		}
	}
	
	print_r($group_id_new);

	# SQL
	//$sql = "UPDATE " . $PROJECT_DB_TABLES["users"] . " SET u_group = \"" . $group_id_new . "\" WHERE u_id = \"" . $user_id . "\"";
	
	$sql = "DELETE FROM ".$PROJECT_DB_TABLES["usergroup"]." WHERE ug_u_id = '".$user_id."'";
	
	executeSQLQuery($sql);
	
	$flag = 1;
	
	foreach($group_id_new as $group_id_key => $group_id_value){
	
		$sql = "INSERT INTO ".$PROJECT_DB_TABLES["usergroup"]." (ug_u_id,ug_g_id) VALUES ('".$user_id."','".$group_id_value."')";
		
		if(executeSQLQuery($sql)){
			
			$flag = $flag * 1; 
		}
		else{
			
			$flag = $flag * 0; 
		}
	}

	# Execute
	if ($flag == 1) {
		addMessage("<p>OK, user " . $user_id . " was assigned to the " . $group_name . " group.</p>");

		addLog($user_id . "|" . $group_id, 15);
	} else {
		addMessage("<p>Sorry, an error occured and the user " . $user_id . " could not be assigned to the " . $group_name . " group.</p>", 2);
	}
}

# Find user to modify
addContent("<h2>Find User for " . $group_name . "</h2>" .
	"<p>Search for a user to move to this group:</p>\n" .
	"<form name=\"userfindform\" id=\"userfindform\" action=\"" . $PAGE_ID . ".php?group=" . $group_id . "\" method=\"post\">" .
	"<p>User: <input type=\"text\" id=\"search\" name=\"search\" value=\"" . $SEARCH_TERM . "\" /> <input type=\"submit\" value=\"Go\" /></p>" .
	"</form>");

if ($SEARCH_TERM != "") {

	# If search was submitted execute now
	$sql = "SELECT DISTINCT u2.u_id AS u_id, u2.u_fname AS u_fname, u2.u_lname AS u_lname, u2.u_login_name AS u_login_name, u2.u_email AS u_email,g2.g_id AS g_id, g2.g_name AS g_name ";

	$sql .= "FROM ".$PROJECT_DB_TABLES["users"]." u1 ";
	
	$sql .= "INNER JOIN ".$PROJECT_DB_TABLES["usergroup"]." ug1 ON u1.u_id = ug1.ug_u_id ";
	
	$sql .= "INNER JOIN ".$PROJECT_DB_TABLES["groups"]." g1 ON ug1.ug_g_id = g1.g_id ";

	$sql .= "INNER JOIN ".$PROJECT_DB_TABLES["editgroup"]." eg ON g1.g_id = eg.eg_g_id "; 
	
	$sql .= "INNER JOIN ".$PROJECT_DB_TABLES["groups"]." g2 ON eg.eg_eg_id = g2.g_id ";
	
	$sql .= "INNER JOIN ".$PROJECT_DB_TABLES["usergroup"]." ug2 ON g2.g_id = ug2.ug_g_id ";
	
	$sql .= "RIGHT JOIN ".$PROJECT_DB_TABLES["users"]." u2 ON ug2.ug_u_id = u2.u_id ";
	
	$sql .= "WHERE u2.u_id NOT ";
	
	$sql .= "IN (";
	
	$sql .= "SELECT u3.u_id AS u_id ";
	
	$sql .= "FROM isis_groups g3 ";
	
	$sql .= "INNER JOIN isis_usergroup ug3 ON g3.g_id = ug3.ug_g_id ";
	
	$sql .= "INNER JOIN isis_users u3 ON ug3.ug_u_id = u3.u_id ";
	
	$sql .= "WHERE g3.g_id = '".$group_id."') ";
	
	$sql .= "AND (";
	
	# Fields
	foreach (array("u2.u_id", "u2.u_fname", "u2.u_lname") as $field_count => $field) {

		# Terms
		foreach (explode(" ", $SEARCH_TERM) as $term_count => $term) {
			$sql .= $field . " LIKE \"%" . $term . "%\"";
			if ($term_count < count(explode(" ", $SEARCH_TERM)) - 1) {
				$sql .= " OR ";
			}
		}

		if ($field_count < 2) {
			$sql .= " OR ";
		}
	}
	
	$sql .= ")";
	
	//echo $sql;
	
	# Get results
	$current_data = getRecord($sql);

	# Prep a table properties object for the users
	$data_properties = new TableProperties();
	
	$actionFormat="";
	if($group_name=="Administrators" || $group_name=="Developers"){
		$actionFormat="\"<input type=\\\"button\\\" onclick=\\\"moveUserToGroup('[u_id]');\\\" value=\\\"Move to " . $group_name . "\\\" />\"";
	}
	else{
		$actionFormat="\"<input type=\\\"button\\\" onclick=\\\"moveUserToGroup('[u_id]');\\\" value=\\\"Add " . $group_name . "\\\" />\"";
	}
	$data_properties -> addCustomColumn("User", "\"[u_id]<br /><em class=\\\"supplement\\\">[u_fname] [u_lname]</em>\"");
	$data_properties -> addCustomColumn("Action",$actionFormat);

	# If results found
	if (count($current_data) > 0) {

		# Draw the table	
		addContent($data_properties -> drawBrowseTable($current_data, "Results", "g_name"));
	} else {

		addContent("<h2>No results found</h2>" .
			"<p>Sorry, there were no results found for your search. It is possible that there were users found who matched the search parameters, but who were already assigned to the " . $group_name . " group.</p>");
	}
	
	# Add form
	addContent("<form name=\"moveuserform\" id=\"moveuserform\" action=\"" . $PAGE_ID . ".php?group=" . $group_id . "\" method=\"post\">" .
		"<input type=\"hidden\" id=\"userid\" name=\"userid\" value=\"\" />" .
		"<input type=\"hidden\" id=\"searchmove\" name=\"search\" value=\"" . $SEARCH_TERM . "\" />" .
		"</form>");	
}

# Close Button
addContent("<div class=\"closebutton\"><input type=\"button\" value=\"Close\" onclick=\"window.close();\" /></div>");

?>